[SOLVED] mysql_real_escape_string not working?

lokie538 · December 23, 2008

Hi,

Im trying to impliment this mysql_real_escape_string into my code :/ not hard I thought, but some some reason it just wont work? Probably something simple im doing?

This is the important bits of the code!

<?php
// connect to the database
$cxn = mysqli_connect($host,$user,$passwd,$dbname) 
            or die ( "Location: error.html" ); 	

$picid = $_POST['picid'];
$comment = $_POST['comment'];
$name = mysql_real_escape_string($_POST['name']);   //// this bit is not working?? Doesnt store anything in the database? works if i get rid of mysql_real_escape_string(
$email = mysql_real_escape_string($_POST['email']);

echo $picid;
echo $comment;
$comment = nl2br($comment);
echo $_POST['comment'];
echo "<br>";
echo $comment;

$dt2 = date('Y-m-d H:i:s');
echo $dt2;

$query = "INSERT INTO `1300blablabla`.`piccomments` (
`picid` ,
`comment` ,
`name` ,
`email` ,
`date`
)
VALUES (
'" . $picid . "', '" . $comment . "', '" . $name . "', '" . $email . "', '" . $dt2 . "'
)";

$result = mysqli_query($cxn,$query) or die ("Couldnt execute queryLOLHEAPS FUCKING CUT.");
mysql_error();

echo $comment;

$stat = "sucess";
header ( "Location: gallery.php?stat=". $stat . "&picid=" . $picid . "" );
?>

premiso · December 23, 2008

mysqli_real_escape_string

You need to use the mysqli version not mysql since you are using mysqli...

lokie538 · December 23, 2008

lol I always overlook the small things

Thanks mate!

Sign In

[SOLVED] mysql_real_escape_string not working?

Recommended Posts

lokie538

Link to comment

Share on other sites

premiso

Link to comment

Share on other sites

lokie538

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information